<!DOCTYPE html>

<html xmlns:th="http://www.thymeleaf.org">

<div class="lesson-page-wrapper">
    <div class="adoc-content" th:replace="~{doc:lessons/passwordreset/documentation/PasswordReset_plan.adoc}"></div>
</div>
<div class="lesson-page-wrapper">
    <div class="adoc-content" th:replace="~{doc:lessons/passwordreset/documentation/PasswordReset_simple.adoc}"></div>

    <link rel="stylesheet" type="text/css" th:href="@{/lesson_css/password.css}"/>
    <script th:src="@{/lesson_js/bootstrap.min.js}" language="JavaScript"></script>
    <script th:src="@{/lesson_js/password-reset-simple.js}" language="JavaScript"></script>
    <div class="attack-container">
        <img th:src="@{/images/wolf-enabled.png}" class="webwolf-enabled"/>
        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>

        <div class="container-fluid">

            <div class="row">
                <div class="col-md-4">


                    <form class="attack-form" accept-charset="UNKNOWN" novalidate="novalidate"
                          method="POST"
                          th:action="@{/PasswordReset/simple-mail/reset}">
                        <div style="display: none;" id="password-reset-2">
                            <h4 class="">Forgot your password?</h4>

                            <fieldset>
                                <span class="help-block">Please type your e-mail address</span>
                                <div class="form-group input-group">
                                    <span class="input-group-addon">@</span>
                                    <input class="form-control" th:attr="placeholder=${username + '@webgoat.org'}" name="emailReset"
                                           type="email"/>
                                </div>
                                <button type="submit" class="btn btn-primary btn-block" id="btn-olvidado">Continue
                                </button>
                                <p class="help-block">
                                    <a class="text-muted" href="#" id="acceso" onclick="showPassword()">
                                        <small>Account Access</small>
                                    </a>
                                </p>
                            </fieldset>

                        </div>
                    </form>
                    <form class="attack-form" accept-charset="UNKNOWN" novalidate="novalidate"
                          method="POST"
                          th:action="@{/PasswordReset/simple-mail}">
                        <div style="padding: 20px;" id="password-login-2">
                            <h4 style="border-bottom: 1px solid #c5c5c5;"><i class="glyphicon glyphicon-user"></i>
                                Account
                                Access</h4>
                            <fieldset>
                                <div class="form-group input-group">
                                    <span class="input-group-addon">@</span>
                                    <input class="form-control" placeholder="Email" name="email" type="email"
                                           autofocus=""></input>
                                </div>
                                <div class="form-group input-group">
                                    <span class="input-group-addon"><i class="glyphicon glyphicon-lock"></i></span>
                                    <input class="form-control" placeholder="Password" name="password"
                                           type="password" value=""/>
                                </div>
                                <div class="form-group">
                                    <button type="submit" class="btn btn-primary btn-block">
                                        Access
                                    </button>
                                    <p class="help-block">
                                        <a class="pull-right text-muted" href="#" id="olvidado"
                                           onclick="showPasswordReset()">
                                            <small>Forgot your password?</small>
                                        </a>
                                    </p>
                                </div>
                            </fieldset>

                        </div>
                    </form>
                </div>
            </div>
        </div>
        <br/>

        <br/>
        <div class="attack-feedback"></div>
        <div class="attack-output"></div>
    </div>
</div>

<div class="lesson-page-wrapper">
    <div class="adoc-content" th:replace="~{doc:lessons/passwordreset/documentation/PasswordReset_wrong_message.adoc}"></div>
</div>

<div class="lesson-page-wrapper">
    <div class="adoc-content" th:replace="~{doc:lessons/passwordreset/documentation/PasswordReset_known_questions.adoc}"></div>

    <link rel="stylesheet" type="text/css" th:href="@{/lesson_css/password.css}"/>
    <script th:src="@{/lesson_js/bootstrap.min.js}" language="JavaScript"></script>
    <script th:src="@{/lesson_js/password-reset-simple.js}" language="JavaScript"></script>
    <div class="attack-container">
        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
        <form class="attack-form" accept-charset="UNKNOWN"
              method="POST"
              action="PasswordReset/questions">
            <div class="container-fluid">
                <div class="col-md-4">
                    <article class="card-body">
                        <a class="float-right btn btn-outline-primary">Sign up</a>
                        <a class="float-right btn btn-outline-primary">Login</a>
                        <h4 class="card-title mb-4 mt-1">WebGoat Password Recovery</h4>
                        <form>
                            <div class="form-group">
                                <label>Your username</label>
                                <input name="username" class="form-control" placeholder="Username" type="text"/>
                            </div>
                            <div class="form-group">
                                <label>What is your favorite color?</label>
                                <input class="form-control" placeholder="Answer security question" type="text"
                                       name="securityQuestion"/>
                            </div>
                            <div class="form-group">
                                <button type="submit" class="btn btn-primary btn-block"> Submit</button>
                            </div>
                        </form>
                    </article>
                </div>
            </div>

        </form>
        <br/>

        <br/>
        <div class="attack-feedback"></div>
        <div class="attack-output"></div>
    </div>
</div>

<div class="lesson-page-wrapper">
    <div class="adoc-content" th:replace="~{doc:lessons/passwordreset/documentation/PasswordReset_SecurityQuestions.adoc}"></div>
    <div class="attack-container">
        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
        <form class="attack-form" accept-charset="UNKNOWN"
              method="POST" name="form"
              action="PasswordReset/SecurityQuestions">
            <select name="question">
                <option>What is your favorite animal?</option>
                <option>In what year was your mother born?</option>
                <option>What was the time you were born?</option>
                <option>What is the name of the person you first kissed?</option>
                <option>What was the house number and street name you lived in as a child?</option>
                <option>In what town or city was your first full time job?</option>
                <option>In what city were you born?</option>
                <option>On which wrist do you were your watch?</option>
                <option>What was the last name of your favorite teacher in grade three?</option>
                <option>What is the name of a college/job you applied to but didn't attend?</option>
                <option>What are the last 5 digits of your drivers license?</option>
                <option>What was your childhood nickname?</option>
                <option>Who was your childhood hero?</option>
                <option>What is your favorite color?</option>
            </select>
            <input name="Check Question" value="check" type="SUBMIT"/>
        </form>
        <br/>
        <div class="attack-output"></div>
    </div>
</div>

<div class="lesson-page-wrapper">
    <div class="adoc-content" th:replace="~{doc:lessons/passwordreset/documentation/PasswordReset_host_header.adoc}"></div>
    <div class="attack-container">
        <img th:src="@{/images/wolf-enabled.png}" class="webwolf-enabled"/>
        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>

        <form class="attack-form" accept-charset="UNKNOWN"
              method="POST"
              action="PasswordReset/reset/login">
            <div class="container-fluid">
                <div class="row">
                    <div class="col-md-4">
                        <h4 style="border-bottom: 1px solid #c5c5c5;">
                            <i class="glyphicon glyphicon-user"></i>
                            Account Access
                        </h4>
                        <div style="padding: 20px;" id="password-login">
                            <form id="login-form" class="attack-form" accept-charset="UNKNOWN"
                                  method="POST" name="form"
                                  action="PasswordReset/reset/login"
                                  role="form">
                                <fieldset>
                                    <div class="form-group input-group">
                                        <span class="input-group-addon"> @ </span>
                                        <input class="form-control" placeholder="Email" name="email" type="email"
                                               required="" autofocus=""/>
                                    </div>
                                    <div class="form-group input-group">
          <span class="input-group-addon">
            <i class="glyphicon glyphicon-lock">
            </i>
          </span>
                                        <input class="form-control" placeholder="Password" name="password"
                                               type="password"
                                               value="" required=""/>
                                    </div>
                                    <div class="form-group">
                                        <button type="submit" class="btn btn-primary btn-block">
                                            Access
                                        </button>
                                        <p class="help-block">
                                            <a class="pull-right text-muted" href="#" onclick="showPasswordReset()">
                                                <small>Forgot your password?</small>
                                            </a>
                                        </p>
                                    </div>
                                </fieldset>
                            </form>
                        </div>
                        <div style="display: none;" id="password-reset">
                            <h4 class="">
                                Forgot your password?
                            </h4>
                            <form class="attack-form" accept-charset="UNKNOWN"
                                  method="POST" name="form"
                                  action="PasswordReset/ForgotPassword/create-password-reset-link"
                                  role="form">
                                <fieldset>
        <span class="help-block">
          Email address you use to log in to your account
          <br/>
          We'll send you an email with instructions to choose a new password.
        </span>
                                    <div class="form-group input-group">
          <span class="input-group-addon">
            @
          </span>
                                        <input class="form-control" placeholder="Email" name="email" type="email"
                                               required=""/>
                                    </div>
                                    <button type="submit" class="btn btn-primary btn-block" id="btn-login">
                                        Continue
                                    </button>
                                    <p class="help-block">
                                        <a class="text-muted" href="#" onclick="showPassword()">
                                            <small>Account Access</small>
                                        </a>
                                    </p>
                                </fieldset>
                            </form>
                        </div>
                    </div>
                </div>
            </div>
        </form>

        <br/>
        <div class="attack-feedback"></div>
        <div class="attack-output"></div>
    </div>
</div>

<div class="lesson-page-wrapper">
    <div class="adoc-content" th:replace="~{doc:lessons/passwordreset/documentation/PasswordReset_mitigation.adoc}"></div>
</div>
</html>
